BOOTKITTY: Multi-OS Trust Chain compromise from Bootkit to Rootkit
DAY 2, 09:50-10:30
Bootkits and rootkits are stealthy malware that target the lowest system layers to bypass security defenses. Bootkits alter firmware or bootloaders to seize control early in the boot process, while rootkits hide in the OS kernel to conceal activity. Yet research into them is limited by their complexity and the scarcity of real-world samples.
In this talk, we present BOOTKITTY, a hybrid bootkit-rootkit framework for Windows, Linux, and Android. By analyzing each OS's secure boot mechanisms, we show how to generalize bootkit attacks to defeat platform-specific protections. We demonstrate exploiting UEFI drivers and bootloader vulnerabilities to break the trust chain and bypass mitigations.
Our findings reveal systemic weaknesses in boot security and highlight the feasibility of cross-platform bootkit attacks. This underscores the urgent need for unified, resilient secure boot designs.
Location: Track 2 (HALL A)
Category: U25
Speakers
Junho Lee
ジュンホ・リー
Mokpo National University, Student
I am a student researcher in South Korea focusing on low-level technologies such as UEFI and firmware.
Through a recent Bootkit project, I earned the title “First UEFI Bootkit for Linux,” demonstrating my UEFI-level expertise and implementing various offensive and defensive techniques.
I led this project to research security-mechanism bypass methods in Windows, Linux, and Android environments, gaining practical experience in vulnerability analysis.
Based on these experiences, I aim to make meaningful contributions to both academia and industry in the fields of low-level vulnerability analysis and system security enhancement.
HyunA Seo
ヒョナ・ソ
Sungshin Women's University, Student
I am a student at Sungshin Women’s University, majoring in system security and vulnerability analysis. I have a strong passion for low-level system security, especially in system hacking, reverse engineering, and hardware hacking, including firmware and embedded systems. My research focuses on offensive and defensive techniques in low-level environments, such as boot process manipulation, trust chain bypassing, and kernel analysis.
I enjoy exploring the internals of operating systems and hardware, often working on topics like bootkits, rootkits, UEFI exploitation, and secure boot design. Through hands-on experiments and technical analysis, I aim to uncover critical vulnerabilities and better understand how these systems can be attacked and defended.
I am dedicated to strengthening the foundational layers of system security and constantly pursue technical challenges that expand my expertise across both software and hardware domains.